Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Filing Systems for Campaign and Finance Reports Subcommittee Report on Security and Authentication in Filing Systems Information Network of.

Published byNicholas Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "Electronic Filing Systems for Campaign and Finance Reports Subcommittee Report on Security and Authentication in Filing Systems Information Network of."— Presentation transcript:

1 Electronic Filing Systems for Campaign and Finance Reports Subcommittee Report on Security and Authentication in Filing Systems Information Network of Arkansas Bob Sanders, General Manager Karl Hills, Director of Technology Blain Purtle, Security Analyst

2 Topics How user authentication works Risks and mitigation strategies Approaches in other states

3 The Filing Process: Paper

4

5

6

7

8

9

10

11 Notaries provide user validation in paper filing

12 The Filing Process: Electronic

13

14

15 Types of keys: Login & password Two-factor authentication PIN code Digital certificate / PKI

16 The Filing Process: Electronic The Key: Grants access Uniquely tied to the filer Logs access and actions taken

17 The Filing Process: Electronic User Validation is critical: Notary or in-person issuance Mailed form Wet signature

18 The Filing Process: Electronic

19 IP Address: 170.94.194.130 Browser signature:

20 The Filing Process: Electronic Email notice / receipt

21 The Arkansas Electronic Records and Signatures Act “Electronic signature” means an electronic or digital method executed or adopted by a party with the intent to be bound by or to authenticate a record, which is unique to the person using it, is capable of verification, is under the sole control of the person using it, and is linked to data in such a manner that if the data are changed the electronic signature is invalidated. Act 718 of 1999

22 Risks & Strategies RiskMitigation Strategy Bad actor impersonates a filer at issuance State is the gate keeper Notary or in-person issuance Key is lost/stolen/compromised End-to-end encryption Password complexity Rotation schedule Two-factor (SMS, other) System is compromised; polluted with fraudulent data Already a risk with paper systems Notification to filer for any change Electronic forensics to aid investigation Immutable logs Notification settings are changed or disabled. State is the gate keeper Re-validate when changing notification or address settings.

23 Approaches in Other States Michigan: Signature form. Follows Federal rules. Tennessee: Signature form. Rhode Island: System generates paper filing which is then submitted with electronic filing. Indiana: Signature form. South Carolina: Signature and SSN required 98,000 filings over 9 years. No reports of fraud.

24 Questions

Download ppt "Electronic Filing Systems for Campaign and Finance Reports Subcommittee Report on Security and Authentication in Filing Systems Information Network of."

Similar presentations

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.

Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.
Safe Script CA Digital Certificate Enrollment Guide With

Safe Script CA Digital Certificate Enrollment Guide With
EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.

EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Copyright © 1999, Financial Services Technology Consortium. All rights reserved. FSML and Echeck Milton M. Anderson Financial Services Technology Consortium.

Copyright © 1999, Financial Services Technology Consortium. All rights reserved. FSML and Echeck Milton M. Anderson Financial Services Technology Consortium.
What’s New, Improved or Just Maybe Different! Presented by: Lisa Huppertz, CM/ECF Coordinator.

What’s New, Improved or Just Maybe Different! Presented by: Lisa Huppertz, CM/ECF Coordinator.
RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.

RMG:Red Flags Rule 1 Regal Medical Group Red Flags Rule Identify Theft Training.
Department of Labor HSPD-12

Department of Labor HSPD-12
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.

Brooks Evans – CISSP-ISSEP, Security+ IT Security Officer Arkansas Department of Human Services.
Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.

Creating a Secured and Trusted Information Sphere in Different Markets Giuseppe Contino.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Bill Maaske CIO AZ Secretary of State

Bill Maaske CIO AZ Secretary of State
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Electronic and Digital Signatures

Electronic and Digital Signatures

Similar presentations

Ads by Google